Lucene search
Veracode Vulnerability DatabaseVERACODE:21729HistoryOct 17, 2019 - 6:31 a.m.
Cross-Site Scripting (XSS)
2019-10-1706:31:12
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
25.0%
Dolibarr is vulnerable to cross-site scripting (XSS). The attack exists because it does not escape the “Email used for error returns emails (fields ‘Errors-To’ in emails sent)” field of “outgoing email setup” feature in the admin/mails.php?action=edit URI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dolibarr/dolibarr | le | 10.0.2 | |
| dolibarr/dolibarr | le | 10.0.2 |
Related
ubuntucve
ubuntucve
CVE-2019-17577
2019-10-16 00:00:00
nvd
nvd
CVE-2019-17577
2019-10-16 18:15:25
prion
prion
Design/Logic Flaw
2019-10-16 18:15:00
cvelist
cvelist
CVE-2019-17577
2019-10-16 17:40:10
github
github
Dolibarr Cross-site Scripting via outgoing email setup feature
2022-05-24 16:58:57
cve
cve
CVE-2019-17577
2019-10-16 18:15:25
osv
osv
CVE-2019-17577
2019-10-16 18:15:25
Dolibarr Cross-site Scripting via outgoing email setup feature
2022-05-24 16:58:57
openvas
openvas
Dolibarr <= 10.0.2 Multiple Vulnerabilities
2019-12-09 00:00:00